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DETAILED ACTION 

Response to Amendment 

Claim 4 has been cancelled. Applicant's arguments/amendments with respect to pending 
claims 1-3 & 5-32 filed 1 1/4/2008 have been fully considered but they are not persuasive. The 
Examiner would like to point out that this action is made final (See MPEP 706.07a). 

Response to Arguments 

Applicants contend that "Wertheimer is different than the method of the claimed 
invention in which a one way function is only applied to the secondary entities' identifiers and 
the first secret key." In response to Applicant's argument that the references fail to show certain 
features of applicant's invention, it is noted that the features upon which applicant relies (i.e., 
that the one way hash function can only be applied to the secondary entities' identifiers and the 
first secret key) are not recited in the rejected claim(s). Although the claims are interpreted in 
light of the specification, limitations from the specification arc not read into the claims. See In 
re Van Geuns, 988 F.2d 1 181, 26 USPQ2d 1057 (Fed. Cir. 1993). Thus, the claim language does 
not limit the scope of the claims to apply the one way hash function only to two elements as 
opposed to three elements. 

Due to the reasons stated above, the Examiner maintains rejections with respect to the 
pending claims. The prior arts of records taken singly and/or in combination teach the limitations 
that the Applicant suggests distinguish from the prior art. Therefore, it is the Examiner's 
conclusion that the pending claims are not patentably distinct or non-obvious over the prior art of 
record as presented. 
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Claim Rejections - 35 USC §102 

I. The following is a quotation of the appropriate paragraphs of 35 U.S. C. 102 that form the 
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public use or on 
sale in this country, more than one year prior to the date of application for patent in the United States. 

II. Claims 1-3, 5-16, 18-20, 22-24, 26-28, and 30-32 are rejected under 35 U.S.C. 102(b) as 
being fully anticipated by Wertheimer et al., US Patent No. 5,920,630. 

As per claim 1 : 

Wertheimer et al. teach a method including the steps of: allocating first secret key to the 
primary entity (col. 6, lines 53-57); for each of the one or more secondary entities, determining 
second secret key by applying a one way function to that secondary entity's identifier and the 
first secret key (col. 6, line 65 - col. 7, line 1 1), such that the second secret key is a variant of the 
first secret key only ascertainable with knowledge of the first secret key (col. 6, line 65 - col. 7, 
line 1 1); allocating the second secret key to the or each secondary entity (col. 7, lines 12-25). 
As per claim 2: 

Wertheimer et al. teach the method according to claim 1 . Furthermore, Wertheimer et al. 
teach wherein the identifiers allocated to the secondary entities are generated stochastically, 
pseudo-randomly or arbitrarily (col. 8, lines 53-67). 
As per claim 3 : 

Wertheimer et al. teach the method according to claim 2. Furthermore, Wertheimer et al. 
teach wherein the one-way function is a hash function (col. 9, lines 8-15). 
As per claim 5: 
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Wertheimer et al. teach the method according to claim 3. Furthermore, Wertheimer et al. 
teach wherein the one-way function is a Secure Hash Algorithm function (col. 9, lines 8-15). 
As per claim 6: 

Wertheimer et al. teach the method according to claim 1 . Furthermore, Wertheimer et al. 
teach wherein each of the entities is implemented in an integrated circuit (col. 6, lines 25-50). 
As per claim 7: 

Wertheimer et al. teach the method according to claim 1 . Furthermore, Wertheimer et al. 
teach wherein each of the entities is implemented in an integrated circuit separate from the 
integrated circuits in which the other entities are implemented (col. 6, lines 25-50). 
As per claim 8: 

Wertheimer et al. teach the method according to claim 1 . Furthermore, Wertheimer et al. 
teach wherein one or more of the secondary entities are implemented in a corresponding plurality 
of integrated circuits (col. 6, lines 25-50). 
As per claim 9: 

Wertheimer et al. teach the method according to claim 1. Furthermore, Wertheimer et al. 
teach wherein the primary entity is implemented in an integrated circuit (col. 6, lines 25-50). 
As per claim 10: 

Wertheimer et al. teach the method according to claim 1 . Furthermore, Wertheimer et al. 
teach wherein both the primary and secondary entities are implemented in integrated circuits 
(col. 6, lines 25-50). 
As per claim 1 1 : 
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Wertheimer et al. teach the method according to claim 1 . Furthermore, Wertheimer et al. 
teach in which the first entity wishes to communicate with one of the second entities, the method 
including the steps, in the first entity, of: receiving data from the second entity (col. 6, line 53 - 
col. 7, line 1 1); using the data and the first secret key to generate the second secret key associated 
with the second entity (col. 6, line 53 - col. 7, line 1 1). 
As per claim 12: 

Wertheimer et al. teach the method according to claim 1 1 . Furthermore, Wertheimer et al. 
teach wherein the data contains an identifier for the second entity (col. 6, line 65 - col. 7, line 
11). 

As per claim 13: 

Wertheimer et al. teach the method according to claim 1 1 . Furthermore, Wertheimer et al. 
teach in which the first entity wishes to send an authenticated message to the second entity, the 
method including the steps, in the first entity, of: using the generated second secret key to sign a 
message, thereby generating a digital signature; outputting the message and the digital signature 
for use by the second entity, which can validate the message by using the digital signature and its 
own copy of the second secret key (col. 10, lines 19-37). 
As per claim 14: 

Wertheimer et al. teach the method according to claim 13. Wertheimer further teach the 
method in which the generated signature includes its own copy of the second secret key and in 
which the generated signature includes a nonce from the first entity, and the output from the first 
entity includes the nonce, thereby enabling the second entity to validate the message using the 
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digital signature, the nonce (col. 12, lines 43-51). 
As per claim 15: 

Wertheimer et al. teach the method according to claim 1 1 . Furthermore, Wertheimer et 
al. teach wherein the data contains a first nonce (col. 12, lines 43-51). 
As per claim 16: 

Wertheimer et al. teach the method according to claim 15. Furthermore, Wertheimer et 
al. teach the method in which the first entity wishes to send an authenticated message to the 
second entity, the method including the steps, in the first entity, of: using the generated second 
secret key and the nonce to sign a message, thereby generating a digital signature; outputting the 
message and the digital signature for use by the second entity, which can validate the message by 
using the digital signature and its own copy of the second secret key (col. 12, lines 43-60). 
As per claim 18: 

Wertheimer et al. teach the method according to claim 1 1 . Furthermore, Wertheimer et 
al. teach the method in which the first entity wishes to send an encrypted message to the second 
entity, the method including the steps, in the first entity, of: using the generated second secret 
key to encrypt a message, thereby generating an encrypted message; outputting the encrypted 
message for use by the second entity, which can decrypt the message by using its own copy of 
the second secret key (col. 9, lines 49-61). 
As per claim 19: 

Wertheimer et al. teach the method according to claim 18. Furthermore, Wertheimer et al. 
teach the method in which the encrypted message includes a nonce from the first entity, and the 
output from the first entity includes the nonce, thereby enabling the second entity to decrypt the 



Application/Control Number: 10/727,192 Page 7 

Art Unit: 2437 

message using the nonce, and its own copy of the second secret key (col. 12, lines 43-51). 
As per claim 20: 

Wertheimer et al. teach the method according to claim 15. Furthermore, Wertheimer et 
al. teach the method in which the first entity wishes to send an encrypted message that 
incorporates the first nonce to the second entity, the method including the steps, in the first 
entity, of: using the generated second secret key to encrypt a message and the first nonce, thereby 
generating an encrypted message; outputting the encrypted message for use by the second entity, 
which can decrypt the encrypted message by using its own copy of the second secret key (col. 
10, lines 19-37). 
As per claim 22: 

Wertheimer et al. teach the method according to claim 1 . Furthermore, Wertheimer et al. 
teach the method in which one of the second entities wishes to send an authenticated message to 
the first entity, the method including the steps, in the second entity, of: using the second secret 
key to sign a message, thereby to generate a digital signature; and outputting the message, digital 
signature and the second entity's identifier for use by the first entity, such that the first entity can 
use the identifier and the first secret key to generate the second secret key associated with the 
second entity, and thereby authenticate the message via the digital signature (col. 10, lines 19- 
37). 

As per claim 23 : 

Wertheimer et al. teach the method according to claim 1 . Furthermore, Wertheimer et al. 
teach the method in which one of the second entities wishes to send an authenticated message to 
the first entity, the method including the steps, in the second entity, of: using the second secret 
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key and a nonce to sign a message, thereby to generate a digital signature; and outputting the 
message, nonce, digital signature and the second entity's identifier for use by the first entity, such 
that the first entity can use the identifier and the first secret key to generate the second secret key 
associated with the second entity, and thereby authenticate the message via the nonce and digital 
signature (col. 12, lines 43-60). 
As per claim 24: 

Wertheimer et al. teach the method according to claim 1 . Furthermore, Wertheimer et al. 
teach the method in which one of the second entities wishes to send an authenticated message to 
the first entity, the method including the steps, in the second entity, of: receiving a first nonce 
from the first entity; using the second secret key and the first nonce to sign a message, thereby to 
generate a digital signature; and outputting the message, digital signature and the second entity's 
identifier for use by the first entity, such that the first entity can use the identifier and the first 
secret key to generate the second secret key associated with the second entity, and thereby 
authenticate the message via the first nonce and digital signature (col. 11, lines 2-40 and col. 12, 
lines 43-51). 
As per claim 26: 

Wertheimer et al. teach the method according to claim 1 . Furthermore, Wertheimer et al. 
teach the method in which one of the second entities wishes to send an encrypted message to the 
first entity, the method including the steps, in the second entity, of: using the second secret key to 
encrypt the message, thereby to generate an encrypted message; and outputting the encrypted 
message and the second entity's identifier for use by the first entity, such that the first entity can 
use the identifier and the first secret key to generate the second secret key associated with the 
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second entity, and thereby decrypt the encrypted message (col. 9, lines 20-61). 
As per claim 27: 

Wertheimer et al. teach the method according to claim 1 . Furthermore, Wertheimer et al. 
teach the method in which one of the second entities wishes to send an encrypted message to the 
first entity, the method including the steps, in the second entity, of: using the second secret key to 
encrypt the message and a nonce, thereby to generate an encrypted message; and outputting the 
nonce, encrypted message and the second entity's identifier for use by the first entity, such that 
the first entity can use the identifier and the first secret key to generate the second secret key 
associated with the second entity, and thereby decrypt the encrypted message (col. 10, lines 40- 
58). 

As per claim 28: 

Wertheimer et al. teach the method according to claim 1 . Furthermore, Wertheimer et al. 
teach the method in which one of the second entities wishes to send an encrypted message to the 
first entity, the method including the steps, in the second entity, of: receiving a nonce from the 
first entity; using the second secret key to encrypt the message and the nonce, thereby to generate 
an encrypted message; and outputting the encrypted message and the second entity's identifier 
for use by the first entity, such that the first entity can use the identifier and the first secret key to 
generate the second secret key associated with the second entity, and thereby decrypt the 
encrypted message (col. 10, lines 51-64). 
As per claim 30: 

Wertheimer et al. teach the method according to any one of claims 14, 15, 16, 17, 19, 20, 
21, 23, 24, 25, 27, 28 or 29 (i.e. claim 14). Furthermore, Wertheimer et al. teach wherein at least 
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one of the nonces is a pseudo-random number (col. 10, lines 59-64). 
As per claim 3 1 : 

Wertheimer et al. teach the method according to any one of claims 11 to 21 (i.e. claim 
1 1). Furthermore, Wertheimer et al. teach wherein the communication is an authenticated read 
of a field of the first entity (col. 7, lines 1-31). 
As per claim 32: 

Wertheimer et al. teach the method according to any one of claims 22 to 29 (i.e. claim 
22). Furthermore, Wertheimer et al. teach wherein the communication is an authenticated read 
of a field of the second entity (col. 7, lines 1-31). 

Claim Rejections - 35 USC § 103 

III. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

IV. Claims 17, 21, 25, and 29 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Wertheimer et al, US Patent No. 5,920,630 as applied to claims 1, 3, 16, and 20 above, and 
further in view of Bruce Schneier, Applied Cryptography. 

As per claim 17: 

Wertheimer et al. substantially teach the method according to claim 16. Not explicitly 
disclosed is the method in which the generated signature includes a second nonce from the first 
entity, and the output from the first entity includes the second nonce, thereby enabling the second 
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entity to validate the message using the digital signature, the first and second nonces, and its own 
copy of the second secret key. However, Schneier teaches that timestamps may be used in 
combination with digital signatures in order to prevent against replay attacks. Therefore, it would 
have been obvious to a person in the art at the time the invention was made to modify the method 
disclosed in Wertheimer et al. to use timestamps with digital signature technology in order to 
prevent from various attacks. This modification would have been obvious because a person 
having ordinary skill in the art, at the time the invention was made, would have been motivated 
to do so since Schneier suggests that timestamps prevent replay attacks on page 38, third 
paragraph under section "Signing Documents and Timestamps." 
As per claim 21: 

Wertheimer et al. substantially teach the method according to claim 20. Not explicitly 
disclosed is the method in which the encrypted message includes a second nonce from the first 
entity, and the output from the first entity includes the second nonce. However, Schneier teaches 
that timestamps may be used in combination with digital signatures in order to prevent against 
replay attacks. Therefore, it would have been obvious to a person in the art at the time the 
invention was made to modify the method disclosed in Wertheimer et al. to use timestamps with 
digital signature technology in order to prevent from various attacks. This modification would 
have been obvious because a person having ordinary skill in the art, at the time the invention was 
made, would have been motivated to do so since Schneier suggests that timestamps prevent 
replay attacks on page 38, third paragraph under section "Signing Documents and Timestamps." 
As per claim 25: 
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Wertheimer et al. substantially teach the method according to claim 1 . Furthermore, 
Wertheimer et al. teach the method in which one of the second entities wishes to send an 
authenticated message to the first entity, the method including the steps, in the second entity, of: 
receiving a first nonce from the first entity; using the second secret key and the first nonce, 
thereby to generate a digital signature; and outputting the message, digital signature and the 
second entity's identifier for use by the first entity, such that the first entity can use the identifier 
and the first secret key to generate the second secret key associated with the second entity, and 
thereby authenticate the message via the first nonce, and digital signature (col. 10, lines 51-64). 

Not explicitly disclosed is using a second nonce in generating a signature for the 
message, outputting the second nonce, and authenticating the second nonce. However, Schneier 
teaches that timestamps may be used in combination with digital signatures in order to prevent 
against replay attacks. Therefore, it would have been obvious to a person in the art at the time the 
invention was made to modify the method disclosed in Wertheimer et al. to use timestamps with 
digital signature technology in order to prevent from various attacks. This modification would 
have been obvious because a person having ordinary skill in the art, at the time the invention was 
made, would have been motivated to do so since Schneier suggests that timestamps prevent 
replay attacks on page 38, third paragraph under section "Signing Documents and Timestamps." 
As per claim 29: 

Wertheimer et al. substantially teach method according to claim 1 . Furthermore, 
Wertheimer et in which one of the second entities wishes to send an encrypted message to the 
first entity, the method including the steps, in the second entity, of: receiving a first nonce from 
the first entity; using the second secret key to encrypt the message and the first nonce, thereby to 
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generate an encrypted message; and outputting, the encrypted message and the second entity's 
identifier for use by the first entity, such that the first entity can use the identifier and the first 
secret key to generate the second secret key associated with the second entity, and thereby 
decrypt the encrypted message (col. 10, lines 51-64). 

Not explicitly disclosed is encrypting a second nonce and outputting a second nonce. 
However, Schneier teaches that timestamps may be used in combination with digital signatures 
in order to prevent against replay attacks. Therefore, it would have been obvious to a person in 
the art at the time the invention was made to modify the method disclosed in Wertheimer et al. to 
use timestamps with digital signature technology in order to prevent from various attacks. This 
modification would have been obvious because a person having ordinary skill in the art, at the 
time the invention was made, would have been motivated to do so since Schneier suggests that 
timestamps prevent replay attacks on page 38, third paragraph under section "Signing 
Documents and Timestamps." 

Conclusion 

THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1 .136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
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CFR 1 .136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the mailing 
date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Nadia Khoshnoodi whose telephone number is (571) 272-3825. 
The examiner can normally be reached on M-F: 8:00-4:30. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Emmanuel Moise can be reached on (571) 272-3865. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

/Nadia Khoshnoodi/ 
Examiner, Art Unit 2437 
1/15/2009 

NK 

/Emmanuel L. Moise/ 

Supervisory Patent Examiner, Art Unit 2437 



